JavaScript: Model util.deprecate as a pre call-graph step.

Author: Max Schaefer

javascript/ql/src/semmle/javascript/frameworks/NodeJSLib.qll

@@ -5,6 +5,7 @@
 import javascript
 import semmle.javascript.frameworks.HTTP
 import semmle.javascript.security.SensitiveActions
+private import semmle.javascript.dataflow.internal.PreCallGraphStep
 
 module NodeJSLib {
   private GlobalVariable processVariable() { variables(result, "process", any(GlobalScope sc)) }
@@ -610,6 +611,22 @@ module NodeJSLib {
     )
   }
 
+  /**
+   * A call to `util.deprecate`, considered to introduce data flow from its first argument
+   * to its result.
+   */
+  private class UtilDeprecateStep extends PreCallGraphStep {
+    override predicate step(DataFlow::Node pred, DataFlow::Node succ) {
+      exists(DataFlow::CallNode deprecate |
+        deprecate = DataFlow::moduleMember("util", "deprecate").getACall() or
+        deprecate = DataFlow::moduleImport("util-deprecate").getACall()
+      |
+        pred = deprecate.getArgument(0) and
+        succ = deprecate
+      )
+    }
+  }
+
   /**
    * A call to a method from module `child_process`.
    */

javascript/ql/test/library-tests/TypeTracking/TypeTracking.expected

@@ -1 +0,0 @@
-| client2.js:3:6:3:16 | // track: f | Failed to track f here. |